service-mam-client.clusters.pluto.tv Open in urlscan Pro
13.224.193.124  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response service-mam-client.clusters.pluto.tv/	3 KB 2 KB	467ms 408ms	Document text/html	13.224.193.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service-mam-client.clusters.pluto.tv/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.193.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-124.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 9157bd8511dd82817ec0bce4f2f5d4998f54b94629580c3d49b59b8fe7d2b36e Request headers Host service-mam-client.clusters.pluto.tv Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Date Mon, 20 Sep 2021 10:47:56 GMT Last-Modified Mon, 20 Sep 2021 10:20:14 GMT ETag W/"9a11d937729747efd9835ded04a97253" Server AmazonS3 Content-Encoding gzip Vary Accept-Encoding X-Cache Miss from cloudfront Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C1 X-Amz-Cf-Id l2_aiif50t4isGOTBCeO726O5woToH9Uj8XMkgW1Ih0QYqeUYB4NwA==
GET H/1.1	200 OK	2.46bfa2ec.chunk.css service-mam-client.clusters.pluto.tv/static/css/	42 KB 9 KB	401ms 400ms	Stylesheet text/css	13.224.193.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service-mam-client.clusters.pluto.tv/static/css/2.46bfa2ec.chunk.css Requested by Host: service-mam-client.clusters.pluto.tv URL: https://service-mam-client.clusters.pluto.tv/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.193.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-124.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 98abd0e74174908c30229fe3b724b8cc6dc828d6c9e46976e27dbec44046a0de Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host service-mam-client.clusters.pluto.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://service-mam-client.clusters.pluto.tv/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 20 Sep 2021 10:47:56 GMT Content-Encoding gzip Last-Modified Mon, 20 Sep 2021 10:20:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C1 ETag W/"08269f2e2bfeefbef406474d593e7a84" Vary Accept-Encoding X-Cache Miss from cloudfront Content-Type text/css; charset=utf-8 Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id aY51PSZRHwDF6arZfpMgs3buYJsmFVY-N9Q_s7i4rNtydyM3ADxbGQ==
GET H/1.1	200 OK	main.d7981531.chunk.css service-mam-client.clusters.pluto.tv/static/css/	159 KB 24 KB	426ms 406ms	Stylesheet text/css	13.224.193.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service-mam-client.clusters.pluto.tv/static/css/main.d7981531.chunk.css Requested by Host: service-mam-client.clusters.pluto.tv URL: https://service-mam-client.clusters.pluto.tv/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.193.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-124.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 07a21d604405f63434b2260ccad1166b957810c37136d3384401763695dc43bf Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host service-mam-client.clusters.pluto.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://service-mam-client.clusters.pluto.tv/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 20 Sep 2021 10:47:56 GMT Content-Encoding gzip Last-Modified Mon, 20 Sep 2021 10:20:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C1 ETag W/"99a233853264fa116d513fbb8a1ab2f1" Vary Accept-Encoding X-Cache Miss from cloudfront Content-Type text/css; charset=utf-8 Via 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront) Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id IHPK8f28B1BMEIOaTg_0p8qzFcBHDsmMyK-hXrIkgCC-nWuAP1Yp7Q==
GET H/1.1	200 OK	2.db61807c.chunk.js Show response service-mam-client.clusters.pluto.tv/static/js/	2 MB 675 KB	461ms 439ms	Script application/javascript	13.224.193.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service-mam-client.clusters.pluto.tv/static/js/2.db61807c.chunk.js Requested by Host: service-mam-client.clusters.pluto.tv URL: https://service-mam-client.clusters.pluto.tv/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.193.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-124.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 329841b3e2ac3c7103d80b393234c7e47e5759657ed06088dea33fe761db82b5 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host service-mam-client.clusters.pluto.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://service-mam-client.clusters.pluto.tv/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 20 Sep 2021 10:47:56 GMT Content-Encoding gzip Last-Modified Mon, 20 Sep 2021 10:20:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C1 ETag W/"3d18ab6b30a434f9b82f67f4d1396af8" Vary Accept-Encoding X-Cache Miss from cloudfront Content-Type application/javascript; charset=utf-8 Via 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront) Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id vPR-UyqSjD8oS_dAio-eHFwrHATL3LBSvljkr6H3VsSEO3uaSDhRLA==
GET H/1.1	200 OK	main.4459b93b.chunk.js Show response service-mam-client.clusters.pluto.tv/static/js/	676 KB 160 KB	453ms 432ms	Script application/javascript	13.224.193.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service-mam-client.clusters.pluto.tv/static/js/main.4459b93b.chunk.js Requested by Host: service-mam-client.clusters.pluto.tv URL: https://service-mam-client.clusters.pluto.tv/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.193.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-124.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 8e6cf3873fe6caa0e07bc532e66b39f660b8faa66e4e8d554957ce284d97f678 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host service-mam-client.clusters.pluto.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://service-mam-client.clusters.pluto.tv/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 20 Sep 2021 10:47:56 GMT Content-Encoding gzip Last-Modified Mon, 20 Sep 2021 10:20:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C1 ETag W/"e29f8b3015319b8804bc4822835204d9" Vary Accept-Encoding X-Cache Miss from cloudfront Content-Type application/javascript; charset=utf-8 Via 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront) Transfer-Encoding chunked Connection keep-alive X-Amz-Cf-Id FtsVzcHcKpGGGEpxYl5KM-sSKIb9ofx8tUHYLa8Xvwtrx3gNpYM0Jg==
GET H2	200	api.js Show response apis.google.com/js/	12 KB 6 KB	177ms 72ms	Script application/javascript	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: service-mam-client.clusters.pluto.tv URL: https://service-mam-client.clusters.pluto.tv/static/js/2.db61807c.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software ESF / Resource Hash 71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-boX3J9KQ2zjpxhK3DHAZDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 20 Sep 2021 10:47:56 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF x-frame-options SAMEORIGIN etag "6cf1a8085d365822968a50501ed9fdee" strict-transport-security max-age=31536000 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-boX3J9KQ2zjpxhK3DHAZDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Mon, 20 Sep 2021 10:47:56 GMT
GET H/1.1	200 OK	PlutoTVlogo.fe343281.png service-mam-client.clusters.pluto.tv/static/media/	273 KB 273 KB	143ms 143ms	Image image/png	13.224.193.124 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://service-mam-client.clusters.pluto.tv/static/media/PlutoTVlogo.fe343281.png Requested by Host: service-mam-client.clusters.pluto.tv URL: https://service-mam-client.clusters.pluto.tv/static/css/main.d7981531.chunk.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.193.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-124.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 521475438e0fc6c8faebce28c904679b9bfa60d90ced9bc353e5bffdb1b31024 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host service-mam-client.clusters.pluto.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://service-mam-client.clusters.pluto.tv/static/css/main.d7981531.chunk.css Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/static/css/main.d7981531.chunk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 20 Sep 2021 10:47:57 GMT Via 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront) Last-Modified Mon, 20 Sep 2021 10:20:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C1 ETag "fe3432814bfc9d4b0f2d8963bc9e3125" X-Cache Miss from cloudfront Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 279213 X-Amz-Cf-Id 5NJfhb3O-QV1i2NHfCK8TppDGlQD27usIF4dLkfwJeyrMklG7za2AA==
GET H/1.1	200 OK	PlutoTV-Medium.ce53e4d2.woff service-mam-client.clusters.pluto.tv/static/media/	60 KB 61 KB	388ms 388ms	Font font/woff	13.224.193.124 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service-mam-client.clusters.pluto.tv/static/media/PlutoTV-Medium.ce53e4d2.woff Requested by Host: service-mam-client.clusters.pluto.tv URL: https://service-mam-client.clusters.pluto.tv/static/css/main.d7981531.chunk.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.193.124 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-193-124.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 28b30160af44428608dcf502197a7639f7516f3a467988939880ebcade836487 Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://service-mam-client.clusters.pluto.tv Accept-Encoding gzip, deflate, br Host service-mam-client.clusters.pluto.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Accept */* Cache-Control no-cache Sec-Fetch-Dest font Referer https://service-mam-client.clusters.pluto.tv/static/css/main.d7981531.chunk.css Connection keep-alive Referer https://service-mam-client.clusters.pluto.tv/static/css/main.d7981531.chunk.css Origin https://service-mam-client.clusters.pluto.tv Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 20 Sep 2021 10:47:58 GMT Via 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront) Last-Modified Mon, 20 Sep 2021 10:20:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C1 ETag "ce53e4d2f66f2ccfb1e149adcee09e4a" X-Cache Miss from cloudfront Content-Type font/woff Connection keep-alive Accept-Ranges bytes Content-Length 61768 X-Amz-Cf-Id fs1S_YyLVbuMg2qyQ0f5MVhbjvy6Didj0ZRTKZavr5YzvAMPRttfLQ==
GET H2	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/	103 KB 35 KB	8ms 7ms	Script text/javascript	142.250.186.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f14.1e100.net Software sffe / Resource Hash 59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 13 Sep 2021 19:57:15 GMT content-encoding gzip x-content-type-options nosniff age 571842 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35070 x-xss-protection 0 last-modified Mon, 23 Aug 2021 18:17:31 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 13 Sep 2022 19:57:15 GMT
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame 0EDC	513 B 922 B	52ms 17ms	Document text/html	142.250.186.45 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.45 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f13.1e100.net Software ESF / Resource Hash cc127b52badef8bc51943e01ede6475df288d1e9a545b0a63e9fa658d1e1b066 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UrcCS28mDeikJ1jdt+3Law' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority accounts.google.com :scheme https :path /o/oauth2/iframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://service-mam-client.clusters.pluto.tv/ accept-encoding gzip, deflate, br cookie NID=511=FPRpHpW1-slgTltKYPMSw7RY9Et2REjOH5i9HOVuExZoaoxaBDSKMPkMiTaZcingsjSCI9Aygh2224lQKMVHI6uHv0bByOOr1f-BAf8Sg8pQU0vu9OPcP3F07PXrNA7kfG9t5ylkNZKs1GqRMalnGgX1aWYsin76KL_UZS9kMzQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://service-mam-client.clusters.pluto.tv/ Response headers content-type text/html; charset=utf-8 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Mon, 20 Sep 2021 10:47:57 GMT content-language en-US content-security-policy script-src 'report-sample' 'nonce-UrcCS28mDeikJ1jdt+3Law' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	1260035447-idpiframe.js Show response ssl.gstatic.com/accounts/o/ Frame 0EDC	116 KB 40 KB	41ms 7ms	Script text/javascript	142.250.184.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/1260035447-idpiframe.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f3.1e100.net Software sffe / Resource Hash 44c8661f02d0547ad8bc6deb777a16c9f8bd783b5d6eb4a75eeaffed8e570042 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 17 Sep 2021 13:07:13 GMT content-encoding gzip x-content-type-options nosniff age 250844 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40581 x-xss-protection 0 last-modified Fri, 10 Sep 2021 02:29:46 GMT server sffe vary Accept-Encoding report-to {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="federated-signon-mpm-access" expires Sat, 17 Sep 2022 13:07:13 GMT
GET H3	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame 0EDC	14 B 58 B	50ms 33ms	XHR application/json	142.250.186.45 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fservice-mam-client.clusters.pluto.tv&client_id=314958769709-d4mul51m5p49kq6e3a8smv6cge478j7b.apps.googleusercontent.com Requested by Host: ssl.gstatic.com URL: https://ssl.gstatic.com/accounts/o/1260035447-idpiframe.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.45 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f13.1e100.net Software ESF / Resource Hash 8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe X-Requested-With XmlHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 20 Sep 2021 10:47:57 GMT content-encoding gzip x-content-type-options nosniff server ESF content-type application/json; charset=utf-8 cache-control public, max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Mon, 20 Sep 2021 11:47:57 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| webpackJsonpservice-mam-client number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| __core-js_shared__ function| hotkeys object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions function| setImmediate function| clearImmediate function| _ object| gapi object| ___jsl object| osapi

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 01:45:46	Name: NID Value: 511=FPRpHpW1-slgTltKYPMSw7RY9Et2REjOH5i9HOVuExZoaoxaBDSKMPkMiTaZcingsjSCI9Aygh2224lQKMVHI6uHv0bByOOr1f-BAf8Sg8pQU0vu9OPcP3F07PXrNA7kfG9t5ylkNZKs1GqRMalnGgX1aWYsin76KL_UZS9kMzQ
			.service-mam-client.clusters.pluto.tv/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
service-mam-client.clusters.pluto.tv
ssl.gstatic.com
13.224.193.124
142.250.184.195
142.250.186.45
142.250.186.78
07a21d604405f63434b2260ccad1166b957810c37136d3384401763695dc43bf
28b30160af44428608dcf502197a7639f7516f3a467988939880ebcade836487
329841b3e2ac3c7103d80b393234c7e47e5759657ed06088dea33fe761db82b5
44c8661f02d0547ad8bc6deb777a16c9f8bd783b5d6eb4a75eeaffed8e570042
521475438e0fc6c8faebce28c904679b9bfa60d90ced9bc353e5bffdb1b31024
59611414404075b2acabb597d983e323859932efab7ef0cdd45cb25b5bc87c86
71f6ddf045f219694a515f6a9cbd397947150d872f33c9f03b7629d6f8b45c6d
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8e6cf3873fe6caa0e07bc532e66b39f660b8faa66e4e8d554957ce284d97f678
9157bd8511dd82817ec0bce4f2f5d4998f54b94629580c3d49b59b8fe7d2b36e
98abd0e74174908c30229fe3b724b8cc6dc828d6c9e46976e27dbec44046a0de
cc127b52badef8bc51943e01ede6475df288d1e9a545b0a63e9fa658d1e1b066